Content deleted Content added
remove link |
|||
| (4 intermediate revisions by 4 users not shown) | |||
Line 1:
{{short description|Set of all computer components critical to its security}}
{{textbook|date=February 2020}}▼
{{distinguish|Trusted Computing}}
▲{{textbook|date=February 2020}}
The '''trusted computing base''' ('''TCB''') of a [[computer system]] is the set of all [[Computer hardware|hardware]], [[firmware]], and/or [[software]] components that are critical to its [[computer security|security]], in the sense that [[Software bug|bugs]] or [[Vulnerability (computing)|vulnerabilities]] occurring inside the TCB might jeopardize the security properties of the entire system. By contrast, parts of a computer system that lie outside the TCB must not be able to misbehave in a way that would leak any more [[privilege (computer science)|privilege]]s than are granted to them in accordance to the system's [[security policy]].
Line 8:
==Definition and characterization==
The term
{{cite conference
| first = John
Line 53:
As stated [[#A prerequisite to security|above]], [[Trusted system|trust]] in the trusted computing base is required to make any progress in ascertaining the security of the computer system. In other words, the trusted computing base is “trusted” first and foremost in the sense that it ''has'' to be trusted, and not necessarily that it is trustworthy. Real-world operating systems routinely have security-critical bugs discovered in them, which attests to the practical limits of such trust.<ref>[[Bruce Schneier]], [http://www.schneier.com/crypto-gram-0103.html#1 The security patch treadmill] (2001)</ref>
The alternative is formal [[software verification]], which uses mathematical proof techniques to show the absence of bugs. Researchers at [[NICTA]] and its spinout [[Open Kernel Labs]] have recently performed such a formal verification of
{{ cite conference
| first = Gerwin
| |||